Why the Principle of Least Privilege Is Critical for Non-Human Identities
Overprivileged non-human identities expose enterprises to massive risk. Enforcing least privilege with automation and visibility is critical for security.
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
When Google Says "Scan for Secrets": A Complete Guide to Finding Hidden Credentials in Salesforce
The Salesloft Drift breach affected hundreds of organizations through Salesforce, including Cloudflare, Palo Alto Networks, and Zscaler. Google now explicitly recommends running secrets scanning tools across Salesforce data—here's your complete guide.
Automatic Secrets Redaction at Runtime: Building a GitGuardian Lambda Extension
I'm going to show you how to build a Lambda Runtime API extension that automatically scans and redacts sensitive information from your function responses, without touching a single line of your existing function code.
Beyond Secrets: How Managed Identities Are Transforming Multicloud Security
Managed identities offer a paradigm shift from "what fo you have"to "who you are" authentication, providing automated, short-lived credentials that eliminate credential sprawl across multicloud environments.
Investigating The Nx "s1ngularity" Attack: What GitGuardian Uncovered And How You Can Stay Safe
Discover the chilling details of the Nx “s1ngularity” supply chain attack. On August 26, 2025, the massively popular Nx npm package, with millions of weekly downloads, was compromised with credential‑harvesting malware.
GitGuardian MCP Sever - Example Use Cases and Installation
In this video, learn how to set up and use GitGuardian’s new MCP (Model Context Protocol) server to bring secrets security and Non-Human Identity (NHI) governance directly into your AI-powered IDE, like Cursor or Claude Desktop. GitGuardian Developer Advocate Dwayne McDaniel shows how to install the MCP server and run real use cases—like scanning for secrets, listing incidents, and creating honeytokens—all from inside your coding environment. Ready to embed security where code is written?
The Nx "s1ngularity" Attack: Inside the Credential Leak
On August 26, 2025, Nx, the popular build platform with millions of weekly downloads, was compromised with credential-harvesting malware. Using GitGuardian's monitoring data, we analyzed the exfiltrated credentials and reconstructed a fuller scope of exposure.
GitGuardian Remediation Guide - From Alert to Resolution
In this video, Dwayne McDaniel, Developer Advocate at GitGuardian, walks you through the workflow security and DevOps teams can follow to investigate and remediate a secret leak using the GitGuardian platform. Whether it’s an exposed API key, token, or internal credential, GitGuardian helps you go from alert to resolution with confidence.
How GitGuardian and Delinea Solve Improper Offboarding of NHIs at Scale
Learn how GitGuardian and Delinea solve the growing problem of improper offboarding for Non-Human Identities (NHIs). Discover why orphaned secrets are a top security risk and how to automate their lifecycle management.
Laravel APP_KEY Leaks Lead to RCE: GitGuardian + Synacktiv Reveal Massive Threat
In this video, cybersecurity researcher Guillaume Valadon of GitGuardian breaks down how exposed Laravel APP_KEYs on GitHub can lead to full Remote Code Execution (RCE) in real-world applications. Working in collaboration with Synacktiv, the team uncovered 260,000 exposed keys, validated 600+ vulnerable apps, and revealed that over 35% of leaks also exposed critical credentials like database passwords, cloud storage tokens, and API keys.